JavaScript code hidden in adverts served up by ad networks covertly
mines various cryptocurrencies directly inside your web browser, new
research by a team of security experts reveals. The security researchers at
We Live Security discovered the custom JavaScript code being executed in
adverts that appear on a number of Russian and Ukrainian websites.


Cryptocurrency web mining: In union there is profit | We Live Security (https://www.welivesecurity.com/2017/09/14/cryptocurrency-web-mining-union-profit/) - 09/14/2017

In the last months, we stumbled upon some JavaScript files 
apparently used to mine cryptocurrencies directly within the browser. 
For a long time now, cybercriminals have taken advantage of 
cryptocurrency mining in order to make a profit. However, they 
generally use malware or potentially unwanted applications they 
install on the victim’s machine in order to turn a dishonest penny. 

In this particular case, the mining is performed directly within the 
browser when the user browses to certain websites. Thus, there is no 
need to infect the victim’s machine or to exploit vulnerabilities. All 
that is needed is a browser with JavaScript activated, which is the 
default state of most browsers. 


The code used in this new malvertising campaign is an updated version of 
MineCrunch which was a script originally developed and released back in 
2014. 

Hello. My name is Sergiy, and I'm glad to present my humble service - MineCrunch. It is at a pretty early stage, something between alpha and beta testing. I'd say "Proof of
concept", rather than a ready-to-use product.

The killer feature is seamless integration in any webpage to allow visitors to generate some cryptocoin to its owner.
It has no extra dependencies, like Java or Flash. Just pure Javascript + WebSockets (84.5%).

While classic CPU mining gives too little profit, distributed mining (hundreds and thousands of visitors) of some new Cryptocoin (cpu-only or so) with nearly native
speed (thanks to asm.js) may be very sweet.

Brief Technical Information

• The C Scrypt miner was compiled to Javascript by using Emscripten to achieve the best performance. The performance is about 1.5x slower than native
cpuminer application.

• WebGL is not suitable for GPU mining yet, it is too limited for now for this purpose.

• I use patched NOMP due to its simplicity. You need only your wallet address to integrate the miner on your website.

• I use WebSockets to implement Stratum protocol between Web Miner and pool.

Currently, miner supports only Scrypt protocol, and there is Litecoin configured within test network on the server side.

I want to make sure all components are working well; pool server supports a lot of small clients with micro shares etc.

So. I need the feedback about this project, and some volunteers to test it better.

Actually, I don't know what to say more about. Just feel free to ask me anything, I'd be glad to get any feedback.

The URL is http://minecrunch.co/, while some webminer example you can find here: http://kukunin.github.io/webminer/.

Thank you!

Source (https://web.archive.org/web/20170916151159/https://cryptocurrencytalk.com/topic/24618-minecrunch-web-js-miner-with-integration-feature/)
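
The MineCrunch description above says the web miner talks Stratum to the pool over WebSockets, which gives a defender something concrete to look for in captured browser traffic. The following is an added example, not code from the forum post or from MineCrunch: it inspects the text frames of one WebSocket connection for Stratum JSON-RPC messages, assuming they travel as plain newline-delimited JSON. The function names and the sample frames are constructed for illustration.

```javascript
// Added example. Stratum JSON-RPC method names, grouped by the side that sends them.
const CLIENT_METHODS = new Set(["mining.subscribe", "mining.authorize", "mining.submit"]);
const SERVER_METHODS = new Set(["mining.notify", "mining.set_difficulty"]);

// Assumption: Stratum travels as newline-delimited JSON, so one frame may hold
// several messages. Anything that is not a parsable JSON object is skipped.
function parseMessages(payload) {
  const messages = [];
  for (const line of String(payload).split("\n")) {
    const text = line.trim();
    if (!text.startsWith("{")) continue;
    try {
      messages.push(JSON.parse(text));
    } catch (err) { /* malformed JSON: ignore, never throw on untrusted input */ }
  }
  return messages;
}

// frames: [{ dir: "out" | "in", data: string }] captured from one connection.
function inspectWebSocket(frames) {
  const seen = { out: new Set(), in: new Set() };
  const workers = new Set();
  let shares = 0;
  for (const frame of frames) {
    const dir = frame.dir === "out" ? "out" : "in";
    const expected = dir === "out" ? CLIENT_METHODS : SERVER_METHODS;
    for (const msg of parseMessages(frame.data)) {
      if (typeof msg.method !== "string" || !expected.has(msg.method)) continue;
      seen[dir].add(msg.method);
      if (msg.method === "mining.submit") shares += 1;
      // mining.authorize names the worker (the account the pool credits) in params[0].
      if (msg.method === "mining.authorize" && Array.isArray(msg.params)
          && typeof msg.params[0] === "string") {
        workers.add(msg.params[0]);
      }
    }
  }
  const handshake = seen.out.has("mining.subscribe") && seen.out.has("mining.authorize");
  return {
    likelyMiner: (handshake && seen.in.has("mining.notify")) || shares > 0,
    clientMethods: [...seen.out].sort(),
    serverMethods: [...seen.in].sort(),
    workers: [...workers],
    sharesSubmitted: shares,
  };
}

// Constructed, abbreviated sample traffic (not captured from any real site).
const SAMPLE_MINER = [
  { dir: "out", data: '{"id":1,"method":"mining.subscribe","params":["webminer/0.1"]}' },
  { dir: "in", data: '{"id":1,"result":[[["mining.notify","ae68"]],"08000002",4],"error":null}' },
  { dir: "out", data: '{"id":2,"method":"mining.authorize","params":["EXAMPLE_WALLET","x"]}' },
  { dir: "in", data: '{"id":null,"method":"mining.set_difficulty","params":[0.01]}\n'
      + '{"id":null,"method":"mining.notify","params":["job1"]}' },
  { dir: "out", data: '{"id":3,"method":"mining.submit","params":["EXAMPLE_WALLET","job1"]}' },
];
const SAMPLE_CHAT = [
  { dir: "out", data: '{"type":"chat","text":"what is mining.subscribe?"}' },
  { dir: "in", data: "ping" },
  { dir: "in", data: '{"method":"mining.notify"' }, // truncated JSON, must not throw
];

console.log(inspectWebSocket(SAMPLE_MINER), inspectWebSocket(SAMPLE_CHAT));
```

Parsing the frames instead of matching substrings is what keeps the chat message that merely mentions `mining.subscribe` from being flagged, and the `workers` field is the value an investigator would record as the account being credited.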


Unlike traditional GPU crypto-mining setups, this technique uses
the CPU to mine a choice of either Monero, Litecoin or Feathercoin. To
obfuscate processor use and to maximize mining time, this modified code
has mainly been executed on movie streaming and in-browser gaming
websites, due to the length of time people spend on these types of sites and
their already high CPU usage.

Whilst looking into this I found a new cryptocurrency called JSE Coin,
which seems to do pretty much the same thing, albeit a little more legally.
Rather than injecting the mining code into your browser using adverts, the
code is offered to website owners and webmasters, who can add it to
their own websites to mine JSE Coin for themselves via visitors'
browsers.

"cryptocurrency mined by webmasters built for everyone"

Website visitors carry out the mathematical hashing process in the
background while browsing a website using excess CPU power which 
would be otherwise wasted. An unobtrusive code snippet placed on 
the website runs in the browser while a visitor is on the page. This 
provides the hashing functionality required to secure the blockchain. 
Website visitors are made aware of the mining with a privacy 
notification and given a chance to opt-out. 


I did a bit of analysis on the JSE Coin website (https://jsecoin.com/)
(archived version (https://archive.is/10y8f) for anyone not wanting to
mine). I used the Tor Browser, which has JavaScript disabled by default, and
I found the overall processing power used on this site to be on average
about 20-25%.








[Screenshot: Resource Monitor with JavaScript enabled. CPU Usage: 30%; Physical Memory: 37%]

When you first visit a website that has this script embedded, a small
disclaimer banner appears for about 5 seconds at the bottom of your 
browser window and then disappears even if you hover your mouse 
pointer over it. I have tried the JSE Coin website and a few others that also 
have the code enabled and it seems that this banner only appears once 
when you first visit. Repeat visits did not make the banner show up again. 


[Banner image: "Website Monetized With JSECOIN", with links "learn more", "dontshow" and "privacy & optout"]


Although this is a pretty unique idea and one that could be used instead of 
adverts to help monetize websites I feel they are going about it in the 
wrong way. They seem to be only doing the minimum possible to inform 
people of exactly what is happening. This to me feels like they are trying to 
hide something from a website visitor instead of being up front from the 
beginning. 


It isn't the first time this has been tried. In 2011 a group called Bitpit tried
the same thing with Bitcoin mining but were unsuccessful and shut down
2 months later due to the increased difficulty of the hashes.

Javascript is just too slow to mine bitcoins. The recent difficulty increases have made this an impractical idea. Couple that with the fact that WebCL
is practically non-existent, and what you are left with is an ornithopter.

It is this reason that we started our own pool (https://pool.bitp.it) for people to use their own CPUs and GPUs to mine for bitcoins. It is also this
same reason that effective July 9th, 2011 we will no longer be offering Javascript as even an option. All existing users are encouraged to switch to
our pool.

We will leave the server side Javascript in-place, so your existing websites will not attempt to fetch content that doesn't exist. However, the JS
on our end will be gutted rendering it non-functional.

Just for recap: 

• We will NOT be discontinuing our pool 

• All users are encouraged to join our pool 

• July 9th will be the last day the Javascript stuff is functional 

• July 9th will be the last day we perform payouts 


Source (https://bitcointalk.org/index.php?topic=9042.0) 


Then in 2013 a group of MIT students received a subpoena from the New
Jersey Attorney General's Division of Consumer Affairs after forming
a company called Tidbit, which did basically the same thing but without
providing a disclaimer or an option to opt out on the websites that used
their code.

Press Release | NJ Consumer Affairs (https://archive.is/Xr8rE) - 05/26/2015

A New Jersey Division of Consumer Affairs investigation has found 
that, despite initial assertions by Tidbit's developer, the software was 
used to gain access to computers owned by persons in New Jersey, 
without the computer owners' knowledge or consent. 

The Division further found that the developer of Tidbit offered and 
provided the software to web developers without reviewing their 
privacy policies, and without having any control, compliance, or 
review mechanism in place. The Division alleges that these actions 
constituted violations of New Jersey's Computer Related Offenses Act 
and Consumer Fraud Act. 














For a long time people have wanted a model other than
adverts to monetize their websites. The advertisement model is outdated,
intrusive and ugly. This JavaScript browser mining model on the whole
does seem like a good idea, as long as visitors to websites using it fully
understand what is going on and have a clear and simple way of opting out
if they wish to. Maybe an opt-in option should be available instead of visitors being
opted in by default. At the moment it doesn't seem like an alternative to
advertising but an additional way of monetizing websites, as most of the websites
I went to that are employing this code are also still running adverts.

Please leave your thoughts below, as it'd be great to hear any of your
comments and concerns regarding this new way of making money from
websites.

cryptoeagle (59) • 6 months ago

Very interesting, could this be a new way to legalize monetize websites in the future? Together with
micropayments this could fuel the next wave of internet innovation and provide content creators with
much needed revenue

$0.24 • 2 votes

fortified (65) • 6 months ago (reply to cryptoeagle)

Sure thing. Hopefully it would help content creators to not be tied into adverts. There’s
certainly a long way to go before it becomes the norm.

$0.13 • 1 vote


midgarosormr (25) • 5 months ago

I only became aware of this sort of thing within the last few days, but an acquaintance of mine said
that this sort of thing has been going on since circa 2014, which kinda shocked me.

In my humble opinion, if you don’t know about it (know being the key definition, here), it’s invasive,
underhanded, ’black hat’ and thus on the same level as malware/spyware, and it should be treated as
such.

fortified (65) • 5 months ago (reply to midgarosormr)

I agree. It's been going on since 2011 as far as I can tell.

Knowing about it is definitely the key.

$0.00 • 1 vote

midgarosormr (25) • 5 months ago (reply to fortified)

2011? That's fairly disturbing.

I wonder how many times I've unknowingly helped someone mine bitcoin or
another altcoin?

$0.00


discordiant (60) • 6 months ago

More reasons why I love NoScript for my browsers.

$0.04 • 1 vote

fortified (65) • 6 months ago (reply to discordiant)

Same here. I much prefer to be able to choose what I run and don't run.

$0.00


jsecoin (35) • 5 months ago

Hi, thanks for your review of JSEcoin. We appreciate all feedback on the site/platform as it lets us
know what people like and don't like and what we can do better, although we feel that “only doing the
minimum possible” is a little harsh.

The banner is programmed to reappear once every hour per site. We felt this would minimise the
impact on the user's experience of the site, especially if they were navigating through numerous
different pages. We are keen to hear some other views on this and actually have a thread open in our
forum specifically for any feedback relating to the privacy notice so any input into this is appreciated.

https://jsecoin.com/forums/topic/privacy-notification/#post-656

We are keen to maintain transparency about the mining taking place and agree that this is key to large
scale adoption of the concept.

$0.04 • 3 votes


neuromancer (51) • 6 months ago

This may be less visually invasive than using advertising for generating website revenue, but as we all
know (or should) much online advertising now uses invasive and invisible methods without consent,
such as tracking, monitoring, system fingerprinting, etc.

Transparency and consent are just as necessary for this to be a legitimate rather than insidious
(https://en.wiktionary.org/wiki/insidious) practice.

Thanks for sharing, resteemed.

$0.00


rodneybodker (25) • 6 months ago

This is preferable to ads for consumers for sure. I personally am excited for JSEcoin as a developer. I
think it could be the future of monetization for independent developers, not so much large scale
applications.

$0.00

fortified (65) • 6 months ago (reply to rodneybodker)

True. But I hope there is a lot more transparency when it comes to letting people know their
computer power is being used and I also hope that it could be an alternative to adverts rather
than being used alongside adverts.

$0.00


exxodus • 6 months ago

This is pretty genius. Thanks for the post!! Voted and resteemed!

$0.00

fortified (65) • 6 months ago (reply to exxodus)

I think only time will tell.

Thanks for your support.

$0.00


lavater (53) • 6 months ago

Maybe that's why my battery lasts less and less each day ;P
Interesting alternative to the current advertisement model.

I think the Brave Browser + BAT crypto is better though.

$0.00

fortified (65) • 6 months ago (reply to lavater)

Yes there is certainly a power and hardware payoff when this type of stuff is implemented
into your browser.

I shall have a look into Brave Browser and BAT.

Thanks.

$0.00


geke (64) • 5 months ago

fascinating... trying to now figure out how the market will self-regulate in response to this...

$0.00

fortified (65) • 5 months ago (reply to geke)

Yes it could be a game changer if it's open and transparent enough.

$0.00


teenovision (50) • 5 months ago

next evolution in digital space

$0.00

fortified (65) • 5 months ago (reply to teenovision)

Could quite possibly be.

$0.00


papcio (34) • 5 months ago

omg

$0.00


nishikanth (29) • 6 months ago

jsecoin.com mining is down from 2 days, on browser.

$0.00 • 1 vote

fortified (65) • 6 months ago (reply to nishikanth)

?

It was working about an hour ago.

$0.00


croat (48) • 6 months ago

Thank you @fortified. Very informative!

$0.00

fortified (65) • 5 months ago (reply to croat)

No probs

$0.00


shawl (47) • 5 months ago

From a legal standpoint, running arbitrary javascript code is not breaking the law. Mining crypto with a
website isn't a problem at all.

My own site does this. (Micro earnings crypto site).

The issue is when they hide it.

The earnings are abysmal. There is a reason it hasn't been more widely used. But as an
accomplishment, it is pretty darn cool. And hopefully can find a niche to be worthwhile in.

Basically, I think it's all in how you use it. If I add tons of hidden ads to my site, I'm a thief stealing from
advertising companies. But if I use them in their proper place, as they are meant to be used, I'm just a
smart businessman.

My 2 cents, anyhow.

$0.00 • 1 vote


nishadhasan (43) • last month

@fortified That's why I never prefer to run javascript on my browser after getting
knowledge about cryptocurrency mining. Great post BTW.